On 26.04.2012 07:06, Isamar Maia wrote:
Hi Folks,
I am using squid version Version 2.6.STABLE22
which comes included in Endian Firewall version 2.4.1,
with Windows AD authentication(NTLM)
I am exporting access logs to "Mysar" Web log reporter and in the
reports,
I can see WIndows AD user logins and some records come with a dash(-)
sign.
Checking access.log from squid, the dashes are in this log file.
How can I eliminate the dash sign records ?
You can't.
* software which does not support proxy login of the types you want to
use does not send a username.
* Windows NTLM involves a set of handshake requests the first few do
not have any username included.
* software which has good security practices and does not broadcast
your users login credentials around the Internet will tests for access
without credentials first.
You can minimize the number of such requests by enabling persistent
connections HTTP feature in all software, and also by pushing for
software which does not support proxy login to be upgraded to versions
which do support it.
Why they are there ?
It is a web request made without login details. There is no username to
be logged.
PS. I really recommend upgrading your Squid, that version is not
supported for many years now. Endian apparently have a 2.5 version out,
if that does not come with a recently supported Squid please push them
to update their releases.
Amos
